cache packet_ttl(): fix wrong TTL in some cases, typically 32768
authorVladimír Čunát <vladimir.cunat@nic.cz>
Sun, 21 Dec 2025 12:10:20 +0000 (13:10 +0100)
committerVladimír Čunát <vladimir.cunat@nic.cz>
Fri, 2 Jan 2026 09:46:17 +0000 (10:46 +0100)
A notable case is when authoritative server incorrectly sends
a reply without any record but with EDNS.

For the OPT, the TTL field contains extended-error, EDNS version,
DO bit and mandatorily zeroed bits.  As extended-error isn't usually
set by authoritative servers outside SERVFAIL, and EDNS version
is just 1 so far, we'd end up with a TTL of either 32768 (DO=0) or
a value clamped by the maximum TTL (86400 by default).

lib/cache/entry_pkt.c

index 228eabb789afe7c967d3a9a70e07e6c19841746a..094cb1f4a1280023a24f368ea9b143ff8ca190e9 100644 (file)
@@ -24,6 +24,11 @@ uint32_t packet_ttl(const knot_pkt_t *pkt)
                const knot_pktsection_t *sec = knot_pkt_section(pkt, i);
                for (unsigned k = 0; k < sec->count; ++k) {
                        const knot_rrset_t *rr = knot_pkt_rr(sec, k);
+                       if (rr->type == KNOT_RRTYPE_OPT) {
+                               // Various nonsensical RRs might happen,
+                               // but for OPT the TTL means something different.
+                               continue;
+                       }
                        ttl = MIN(ttl, rr->ttl);
                        has_ttl = true;
                }
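Review bot: The comment on the new `continue` branch says the OPT TTL "means something different" without saying what, and since this skip is the entire fix the reason should live in the code rather than only in the commit log; I would replace the two comment lines with `// OPT is a pseudo-RR: its TTL field carries the extended RCODE, EDNS version and flags (RFC 6891), not a cache lifetime.` The hunk only exempts OPT, and it is not visible here whether other pseudo-RRs whose TTL field is defined as 0 (TSIG, SIG(0)) can still reach this loop or are stripped by libknot before it; if they can, they would pull the minimum down to 0, so a check against libknot's `knot_rrtype_is_metatype()` may be worth considering if its coverage fits. A reply carrying only OPT now leaves `has_ttl` false, so the fallback that handles that case is what governs the empty-with-EDNS reply the commit message describes; that fallback, like the rest of `packet_ttl()`, is outside the hunk and should be confirmed to yield the intended value.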